Archive For: Uncategorized
-
November 9, 2023
Categories:
-
Wordfence just launched its bug bounty program. Over the next 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 79 vulnerabilities disclosed in 64 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 22 Vulnerability... Read More
-
September 19, 2023
Categories:
-
On August 18, 2023, the Wordfence Threat Intelligence team initiated the responsible disclosure process for two PHP Object Injection vulnerabilities in the Essential Blocks plugin for WordPress, a plugin with over 100,000 installations. We received a response three days later and sent over our full disclosure on August 23, 2023. A patched version of the... Read More
-
August 10, 2023
Categories:
-
Last week, there were 29 vulnerabilities disclosed in 24 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 18 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities in this report now to ensure your site is not affected. Our mission with... Read More
Alongside our usual work to discover, report, and remediate vulnerabilities in the WordPress ecosystem, the WordPress Threat Intelligence team has been conducting a deep-dive into WordPress plugin code with the objective of finding methods to bypass authentication and gain elevated privileges in WordPress plugins so we can help developers patch these vulnerabilities before threat actors... Read More
-
April 19, 2023
Categories:
-
On April 5, 2023, our Wordfence Threat Intelligence team identified and began the responsible disclosure process for a stored Cross-Site Scripting (XSS) vulnerability in Blubrry’s PowerPress plugin, which is actively installed on more than 50,000 WordPress websites. The vulnerability enables threat actors with contributor-level permissions or higher to inject malicious web scripts into pages using... Read More
WPSanity.com Finds Passwords A Problem We find that almost 25% of the sites that come to us having been hacked would have been safe if they had used proper passwords. It’s very simple to create secure passwords that are easy to remember and will comply to secure password standards. Introduction Creating a secure password is... Read More
Based On Our Experience Here at WPSanity.com and our parent company Tech-Line.com, we have found 5 issues with WordPress website that seem to be the primary source of security issues. I thought it might help to share these with you. Introduction WordPress is one of the most popular content management systems (CMS) used to create... Read More
-
December 21, 2022
Categories:
-
In an ideal world, vulnerabilities would not exist. A request would be sent to a server, properly validated, and only the intended information would be provided by the server. Of course, this is not a perfect world, and vulnerabilities can be introduced unintentionally, or even found due to previously unknown weaknesses within the programming language.... Read More
Tap To Call